Added AMDUAT_ASL_STORE_ERR_IO and used it in the FS store path so I/O/internal failures no longer surface as integrity errors; updated CLI/error mappings so the new error is visible and gets the IO exit code. This keeps integrity reserved for actual content/hash/collision issues while still preserving existing semantics for not-found/unsupported.

Carl Niklas Rydberg 2025-12-21 22:59:31 +01:00
parent fe9acea94b
commit 24ad51ff46
7 changed files with 72 additions and 27 deletions


@ -20,7 +20,8 @@ typedef enum {
AMDUAT_ASL_STORE_OK = 0, AMDUAT_ASL_STORE_OK = 0,
AMDUAT_ASL_STORE_ERR_INTEGRITY = 1, AMDUAT_ASL_STORE_ERR_INTEGRITY = 1,
AMDUAT_ASL_STORE_ERR_UNSUPPORTED = 2, AMDUAT_ASL_STORE_ERR_UNSUPPORTED = 2,
AMDUAT_ASL_STORE_ERR_NOT_FOUND = 3 AMDUAT_ASL_STORE_ERR_NOT_FOUND = 3,
AMDUAT_ASL_STORE_ERR_IO = 4
} amduat_asl_store_error_t; } amduat_asl_store_error_t;
typedef struct { typedef struct {
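Review bot: `AMDUAT_ASL_STORE_ERR_IO = 4` is added without a comment, yet the FS store changes in this commit return it for more than file I/O: NULL `ctx`/`out_ref` arguments and failed allocations map to it as well. Callers will now read INTEGRITY as evidence of corrupt or colliding content, so the enum should state the split. For example, put `/* I/O or internal failure (syscall, allocation, bad argument); says nothing about the stored content */` on the new member and `/* stored bytes are malformed, fail the digest check, or collide */` on `AMDUAT_ASL_STORE_ERR_INTEGRITY`. The enum starts above the hunk, so any existing comment on it is not visible here.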


@ -35,7 +35,8 @@ typedef enum {
typedef enum { typedef enum {
AMDUAT_ASL_STORE_FS_READ_OK = 0, AMDUAT_ASL_STORE_FS_READ_OK = 0,
AMDUAT_ASL_STORE_FS_READ_NOT_FOUND = 1, AMDUAT_ASL_STORE_FS_READ_NOT_FOUND = 1,
AMDUAT_ASL_STORE_FS_READ_ERR = 2 AMDUAT_ASL_STORE_FS_READ_IO = 2,
AMDUAT_ASL_STORE_FS_READ_CORRUPT = 3
} amduat_asl_store_fs_read_status_t; } amduat_asl_store_fs_read_status_t;
@ -196,7 +197,7 @@ static amduat_asl_store_fs_read_status_t amduat_asl_store_fs_read_file(
int fd; int fd;
if (path == NULL || out_bytes == NULL || out_size == NULL) { if (path == NULL || out_bytes == NULL || out_size == NULL) {
return AMDUAT_ASL_STORE_FS_READ_ERR; return AMDUAT_ASL_STORE_FS_READ_IO;
} }
*out_bytes = NULL; *out_bytes = NULL;
*out_size = 0; *out_size = 0;
@ -205,22 +206,22 @@ static amduat_asl_store_fs_read_status_t amduat_asl_store_fs_read_file(
if (errno == ENOENT || errno == ENOTDIR) { if (errno == ENOENT || errno == ENOTDIR) {
return AMDUAT_ASL_STORE_FS_READ_NOT_FOUND; return AMDUAT_ASL_STORE_FS_READ_NOT_FOUND;
} }
return AMDUAT_ASL_STORE_FS_READ_ERR; return AMDUAT_ASL_STORE_FS_READ_IO;
} }
if (!S_ISREG(st.st_mode)) { if (!S_ISREG(st.st_mode)) {
return AMDUAT_ASL_STORE_FS_READ_ERR; return AMDUAT_ASL_STORE_FS_READ_CORRUPT;
} }
if (st.st_size <= 0) { if (st.st_size <= 0) {
return AMDUAT_ASL_STORE_FS_READ_ERR; return AMDUAT_ASL_STORE_FS_READ_CORRUPT;
} }
if ((uintmax_t)st.st_size > SIZE_MAX) { if ((uintmax_t)st.st_size > SIZE_MAX) {
return AMDUAT_ASL_STORE_FS_READ_ERR; return AMDUAT_ASL_STORE_FS_READ_CORRUPT;
} }
file_size = (size_t)st.st_size; file_size = (size_t)st.st_size;
buffer = (uint8_t *)malloc(file_size); buffer = (uint8_t *)malloc(file_size);
if (buffer == NULL) { if (buffer == NULL) {
return AMDUAT_ASL_STORE_FS_READ_ERR; return AMDUAT_ASL_STORE_FS_READ_IO;
} }
fd = open(path, O_RDONLY); fd = open(path, O_RDONLY);
@ -229,7 +230,7 @@ static amduat_asl_store_fs_read_status_t amduat_asl_store_fs_read_file(
if (errno == ENOENT || errno == ENOTDIR) { if (errno == ENOENT || errno == ENOTDIR) {
return AMDUAT_ASL_STORE_FS_READ_NOT_FOUND; return AMDUAT_ASL_STORE_FS_READ_NOT_FOUND;
} }
return AMDUAT_ASL_STORE_FS_READ_ERR; return AMDUAT_ASL_STORE_FS_READ_IO;
} }
total_read = 0u; total_read = 0u;
@ -241,19 +242,19 @@ static amduat_asl_store_fs_read_status_t amduat_asl_store_fs_read_file(
} }
close(fd); close(fd);
free(buffer); free(buffer);
return AMDUAT_ASL_STORE_FS_READ_ERR; return AMDUAT_ASL_STORE_FS_READ_IO;
} }
if (rc == 0) { if (rc == 0) {
close(fd); close(fd);
free(buffer); free(buffer);
return AMDUAT_ASL_STORE_FS_READ_ERR; return AMDUAT_ASL_STORE_FS_READ_CORRUPT;
} }
total_read += (size_t)rc; total_read += (size_t)rc;
} }
if (close(fd) != 0) { if (close(fd) != 0) {
free(buffer); free(buffer);
return AMDUAT_ASL_STORE_FS_READ_ERR; return AMDUAT_ASL_STORE_FS_READ_IO;
} }
*out_bytes = buffer; *out_bytes = buffer;
@ -277,9 +278,15 @@ static amduat_asl_store_error_t amduat_asl_store_fs_compare_existing(
if (read_status == AMDUAT_ASL_STORE_FS_READ_NOT_FOUND) { if (read_status == AMDUAT_ASL_STORE_FS_READ_NOT_FOUND) {
return AMDUAT_ASL_STORE_ERR_NOT_FOUND; return AMDUAT_ASL_STORE_ERR_NOT_FOUND;
} }
if (read_status != AMDUAT_ASL_STORE_FS_READ_OK) { if (read_status == AMDUAT_ASL_STORE_FS_READ_IO) {
return AMDUAT_ASL_STORE_ERR_IO;
}
if (read_status == AMDUAT_ASL_STORE_FS_READ_CORRUPT) {
return AMDUAT_ASL_STORE_ERR_INTEGRITY; return AMDUAT_ASL_STORE_ERR_INTEGRITY;
} }
if (read_status != AMDUAT_ASL_STORE_FS_READ_OK) {
return AMDUAT_ASL_STORE_ERR_IO;
}
if (stored_len != expected_len) { if (stored_len != expected_len) {
free(stored_bytes); free(stored_bytes);
@ -315,7 +322,7 @@ static amduat_asl_store_error_t amduat_asl_store_fs_put_impl(
bool wrote_new; bool wrote_new;
if (ctx == NULL || out_ref == NULL) { if (ctx == NULL || out_ref == NULL) {
return AMDUAT_ASL_STORE_ERR_INTEGRITY; return AMDUAT_ASL_STORE_ERR_IO;
} }
fs = (amduat_asl_store_fs_t *)ctx; fs = (amduat_asl_store_fs_t *)ctx;
@ -340,7 +347,7 @@ static amduat_asl_store_error_t amduat_asl_store_fs_put_impl(
&artifact_bytes)) { &artifact_bytes)) {
amduat_octets_free(&artifact_bytes); amduat_octets_free(&artifact_bytes);
amduat_reference_free(&derived_ref); amduat_reference_free(&derived_ref);
return AMDUAT_ASL_STORE_ERR_INTEGRITY; return AMDUAT_ASL_STORE_ERR_IO;
} }
objects_path = NULL; objects_path = NULL;
@ -362,7 +369,7 @@ static amduat_asl_store_error_t amduat_asl_store_fs_put_impl(
if (!ok) { if (!ok) {
amduat_octets_free(&artifact_bytes); amduat_octets_free(&artifact_bytes);
amduat_reference_free(&derived_ref); amduat_reference_free(&derived_ref);
return AMDUAT_ASL_STORE_ERR_INTEGRITY; return AMDUAT_ASL_STORE_ERR_IO;
} }
if (!amduat_asl_store_fs_require_directory(fs->root_path) || if (!amduat_asl_store_fs_require_directory(fs->root_path) ||
@ -379,7 +386,7 @@ static amduat_asl_store_error_t amduat_asl_store_fs_put_impl(
free(level1_path); free(level1_path);
free(level2_path); free(level2_path);
free(object_path); free(object_path);
return AMDUAT_ASL_STORE_ERR_INTEGRITY; return AMDUAT_ASL_STORE_ERR_IO;
} }
cmp_err = amduat_asl_store_fs_compare_existing(object_path, cmp_err = amduat_asl_store_fs_compare_existing(object_path,
@ -396,7 +403,7 @@ static amduat_asl_store_error_t amduat_asl_store_fs_put_impl(
free(object_path); free(object_path);
return AMDUAT_ASL_STORE_OK; return AMDUAT_ASL_STORE_OK;
} }
if (cmp_err == AMDUAT_ASL_STORE_ERR_INTEGRITY) { if (cmp_err != AMDUAT_ASL_STORE_ERR_NOT_FOUND) {
amduat_octets_free(&artifact_bytes); amduat_octets_free(&artifact_bytes);
amduat_reference_free(&derived_ref); amduat_reference_free(&derived_ref);
free(objects_path); free(objects_path);
@ -426,7 +433,7 @@ static amduat_asl_store_error_t amduat_asl_store_fs_put_impl(
free(level1_path); free(level1_path);
free(level2_path); free(level2_path);
free(object_path); free(object_path);
return AMDUAT_ASL_STORE_ERR_INTEGRITY; return cmp_err;
} }
} else if (write_status != AMDUAT_ASL_STORE_FS_WRITE_OK) { } else if (write_status != AMDUAT_ASL_STORE_FS_WRITE_OK) {
amduat_octets_free(&artifact_bytes); amduat_octets_free(&artifact_bytes);
@ -437,7 +444,7 @@ static amduat_asl_store_error_t amduat_asl_store_fs_put_impl(
free(level1_path); free(level1_path);
free(level2_path); free(level2_path);
free(object_path); free(object_path);
return AMDUAT_ASL_STORE_ERR_INTEGRITY; return AMDUAT_ASL_STORE_ERR_IO;
} else { } else {
wrote_new = true; wrote_new = true;
} }
@ -454,7 +461,7 @@ static amduat_asl_store_error_t amduat_asl_store_fs_put_impl(
free(level1_path); free(level1_path);
free(level2_path); free(level2_path);
free(object_path); free(object_path);
return AMDUAT_ASL_STORE_ERR_INTEGRITY; return AMDUAT_ASL_STORE_ERR_IO;
} }
if (!amduat_asl_store_fs_fsync_directory(fs->root_path)) { if (!amduat_asl_store_fs_fsync_directory(fs->root_path)) {
if (wrote_new) { if (wrote_new) {
@ -468,7 +475,7 @@ static amduat_asl_store_error_t amduat_asl_store_fs_put_impl(
free(level1_path); free(level1_path);
free(level2_path); free(level2_path);
free(object_path); free(object_path);
return AMDUAT_ASL_STORE_ERR_INTEGRITY; return AMDUAT_ASL_STORE_ERR_IO;
} }
*out_ref = derived_ref; *out_ref = derived_ref;
@ -502,7 +509,7 @@ static amduat_asl_store_error_t amduat_asl_store_fs_get_impl(
bool decoded; bool decoded;
if (ctx == NULL || out_artifact == NULL) { if (ctx == NULL || out_artifact == NULL) {
return AMDUAT_ASL_STORE_ERR_INTEGRITY; return AMDUAT_ASL_STORE_ERR_IO;
} }
fs = (amduat_asl_store_fs_t *)ctx; fs = (amduat_asl_store_fs_t *)ctx;
@ -541,7 +548,7 @@ static amduat_asl_store_error_t amduat_asl_store_fs_get_impl(
&level1_path, &level1_path,
&level2_path, &level2_path,
&object_path)) { &object_path)) {
return AMDUAT_ASL_STORE_ERR_INTEGRITY; return AMDUAT_ASL_STORE_ERR_IO;
} }
stored_bytes = NULL; stored_bytes = NULL;
@ -557,7 +564,16 @@ static amduat_asl_store_error_t amduat_asl_store_fs_get_impl(
free(object_path); free(object_path);
return AMDUAT_ASL_STORE_ERR_NOT_FOUND; return AMDUAT_ASL_STORE_ERR_NOT_FOUND;
} }
if (read_status != AMDUAT_ASL_STORE_FS_READ_OK) { if (read_status == AMDUAT_ASL_STORE_FS_READ_IO) {
free(objects_path);
free(profile_path);
free(hash_path);
free(level1_path);
free(level2_path);
free(object_path);
return AMDUAT_ASL_STORE_ERR_IO;
}
if (read_status == AMDUAT_ASL_STORE_FS_READ_CORRUPT) {
free(objects_path); free(objects_path);
free(profile_path); free(profile_path);
free(hash_path); free(hash_path);
@ -566,6 +582,15 @@ static amduat_asl_store_error_t amduat_asl_store_fs_get_impl(
free(object_path); free(object_path);
return AMDUAT_ASL_STORE_ERR_INTEGRITY; return AMDUAT_ASL_STORE_ERR_INTEGRITY;
} }
if (read_status != AMDUAT_ASL_STORE_FS_READ_OK) {
free(objects_path);
free(profile_path);
free(hash_path);
free(level1_path);
free(level2_path);
free(object_path);
return AMDUAT_ASL_STORE_ERR_IO;
}
computed_digest = (uint8_t *)malloc(hash_desc->digest_len); computed_digest = (uint8_t *)malloc(hash_desc->digest_len);
if (computed_digest == NULL) { if (computed_digest == NULL) {
@ -576,7 +601,7 @@ static amduat_asl_store_error_t amduat_asl_store_fs_get_impl(
free(level1_path); free(level1_path);
free(level2_path); free(level2_path);
free(object_path); free(object_path);
return AMDUAT_ASL_STORE_ERR_INTEGRITY; return AMDUAT_ASL_STORE_ERR_IO;
} }
stored_octets = amduat_octets(stored_bytes, stored_len); stored_octets = amduat_octets(stored_bytes, stored_len);
@ -592,7 +617,7 @@ static amduat_asl_store_error_t amduat_asl_store_fs_get_impl(
free(level1_path); free(level1_path);
free(level2_path); free(level2_path);
free(object_path); free(object_path);
return AMDUAT_ASL_STORE_ERR_INTEGRITY; return AMDUAT_ASL_STORE_ERR_IO;
} }
if (memcmp(computed_digest, ref.digest.data, hash_desc->digest_len) != 0) { if (memcmp(computed_digest, ref.digest.data, hash_desc->digest_len) != 0) {
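Review bot: In amduat_asl_store_fs_put_impl the first compare branch now fires for every result other than NOT_FOUND (`if (cmp_err != AMDUAT_ASL_STORE_ERR_NOT_FOUND)`), but its return statement lies below the hunk and no hunk touches it. If that return is still a hard-coded `return AMDUAT_ASL_STORE_ERR_INTEGRITY;`, an I/O failure while reading the existing object is still reported as an integrity error; it should be `return cmp_err;`. The later `return cmp_err;` has the opposite risk: its guard is outside the hunk, but if it is `cmp_err != AMDUAT_ASL_STORE_OK`, an object removed between the write attempt and the compare makes a put return NOT_FOUND. `return cmp_err == AMDUAT_ASL_STORE_ERR_NOT_FOUND ? AMDUAT_ASL_STORE_ERR_IO : cmp_err;` would keep that code out of the put path. Since INTEGRITY is now meant to signal real corruption or collision, both paths are worth a test that injects a read failure on an existing object.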


@ -60,6 +60,9 @@ static bool amduat_store_error_map(amduat_asl_store_error_t err,
case AMDUAT_ASL_STORE_ERR_UNSUPPORTED: case AMDUAT_ASL_STORE_ERR_UNSUPPORTED:
*out_code = AMDUAT_PEL_STORE_ERROR_UNSUPPORTED; *out_code = AMDUAT_PEL_STORE_ERROR_UNSUPPORTED;
return true; return true;
case AMDUAT_ASL_STORE_ERR_IO:
*out_code = AMDUAT_PEL_STORE_ERROR_INTEGRITY;
return true;
default: default:
return false; return false;
} }
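Review bot: The new `case AMDUAT_ASL_STORE_ERR_IO:` in amduat_store_error_map sets `*out_code = AMDUAT_PEL_STORE_ERROR_INTEGRITY;`, so at the PEL layer an I/O failure is still reported as an integrity error, which is the conflation the commit sets out to remove. The PEL error enum is not visible here; if it has or can gain a dedicated I/O code, this case should map to it. If the collapse is deliberate, say so on the case, e.g. `/* PEL has no I/O store error; reported as integrity on purpose */`, so the mapping is not later mistaken for a genuine integrity signal. The function continues outside the hunk.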


@ -118,6 +118,8 @@ static const char *amduat_asl_cli_store_error_str(
return "unsupported"; return "unsupported";
case AMDUAT_ASL_STORE_ERR_INTEGRITY: case AMDUAT_ASL_STORE_ERR_INTEGRITY:
return "integrity"; return "integrity";
case AMDUAT_ASL_STORE_ERR_IO:
return "io";
case AMDUAT_ASL_STORE_OK: case AMDUAT_ASL_STORE_OK:
return "ok"; return "ok";
default: default:
@ -133,6 +135,8 @@ static int amduat_asl_cli_map_store_error(amduat_asl_store_error_t err) {
return AMDUAT_ASL_CLI_EXIT_UNSUPPORTED; return AMDUAT_ASL_CLI_EXIT_UNSUPPORTED;
case AMDUAT_ASL_STORE_ERR_INTEGRITY: case AMDUAT_ASL_STORE_ERR_INTEGRITY:
return AMDUAT_ASL_CLI_EXIT_STORE; return AMDUAT_ASL_CLI_EXIT_STORE;
case AMDUAT_ASL_STORE_ERR_IO:
return AMDUAT_ASL_CLI_EXIT_IO;
case AMDUAT_ASL_STORE_OK: case AMDUAT_ASL_STORE_OK:
default: default:
return AMDUAT_ASL_CLI_EXIT_STORE; return AMDUAT_ASL_CLI_EXIT_STORE;
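Review bot: Both switches over `amduat_asl_store_error_t` here keep a `default:` label, so the compiler cannot warn when an enumerator is unhandled, and the new `AMDUAT_ASL_STORE_ERR_IO` case had to be added by hand. The same pair of functions is repeated in the three tools that follow (`amduat_pel_cli_*`, `amduat_pel_run_*`, `amduat_pel_seed_*`), which needed the identical edit. Consider a single shared `store_error_str` helper next to the enum, and in the per-tool exit-code maps drop `default:` in favour of a fallback `return` after the switch so `-Wswitch` flags the next added code. Until then a missed case silently falls back to "integrity"-adjacent `AMDUAT_ASL_CLI_EXIT_STORE`, blurring the I/O versus integrity distinction again. Both function bodies start outside their hunks.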


@ -153,6 +153,8 @@ static const char *amduat_pel_cli_store_error_str(
return "unsupported"; return "unsupported";
case AMDUAT_ASL_STORE_ERR_INTEGRITY: case AMDUAT_ASL_STORE_ERR_INTEGRITY:
return "integrity"; return "integrity";
case AMDUAT_ASL_STORE_ERR_IO:
return "io";
case AMDUAT_ASL_STORE_OK: case AMDUAT_ASL_STORE_OK:
return "ok"; return "ok";
default: default:
@ -168,6 +170,8 @@ static int amduat_pel_cli_map_store_error(amduat_asl_store_error_t err) {
return AMDUAT_PEL_CLI_EXIT_UNSUPPORTED; return AMDUAT_PEL_CLI_EXIT_UNSUPPORTED;
case AMDUAT_ASL_STORE_ERR_INTEGRITY: case AMDUAT_ASL_STORE_ERR_INTEGRITY:
return AMDUAT_PEL_CLI_EXIT_STORE; return AMDUAT_PEL_CLI_EXIT_STORE;
case AMDUAT_ASL_STORE_ERR_IO:
return AMDUAT_PEL_CLI_EXIT_IO;
case AMDUAT_ASL_STORE_OK: case AMDUAT_ASL_STORE_OK:
default: default:
return AMDUAT_PEL_CLI_EXIT_STORE; return AMDUAT_PEL_CLI_EXIT_STORE;


@ -66,6 +66,8 @@ static const char *amduat_pel_run_store_error_str(
return "unsupported"; return "unsupported";
case AMDUAT_ASL_STORE_ERR_INTEGRITY: case AMDUAT_ASL_STORE_ERR_INTEGRITY:
return "integrity"; return "integrity";
case AMDUAT_ASL_STORE_ERR_IO:
return "io";
case AMDUAT_ASL_STORE_OK: case AMDUAT_ASL_STORE_OK:
return "ok"; return "ok";
default: default:
@ -81,6 +83,8 @@ static int amduat_pel_run_map_store_error(amduat_asl_store_error_t err) {
return AMDUAT_PEL_RUN_EXIT_UNSUPPORTED; return AMDUAT_PEL_RUN_EXIT_UNSUPPORTED;
case AMDUAT_ASL_STORE_ERR_INTEGRITY: case AMDUAT_ASL_STORE_ERR_INTEGRITY:
return AMDUAT_PEL_RUN_EXIT_STORE; return AMDUAT_PEL_RUN_EXIT_STORE;
case AMDUAT_ASL_STORE_ERR_IO:
return AMDUAT_PEL_RUN_EXIT_IO;
case AMDUAT_ASL_STORE_OK: case AMDUAT_ASL_STORE_OK:
default: default:
return AMDUAT_PEL_RUN_EXIT_STORE; return AMDUAT_PEL_RUN_EXIT_STORE;


@ -144,6 +144,8 @@ static const char *amduat_pel_seed_store_error_str(
return "unsupported"; return "unsupported";
case AMDUAT_ASL_STORE_ERR_INTEGRITY: case AMDUAT_ASL_STORE_ERR_INTEGRITY:
return "integrity"; return "integrity";
case AMDUAT_ASL_STORE_ERR_IO:
return "io";
case AMDUAT_ASL_STORE_OK: case AMDUAT_ASL_STORE_OK:
return "ok"; return "ok";
default: default:
@ -159,6 +161,8 @@ static int amduat_pel_seed_map_store_error(amduat_asl_store_error_t err) {
return AMDUAT_PEL_SEED_EXIT_UNSUPPORTED; return AMDUAT_PEL_SEED_EXIT_UNSUPPORTED;
case AMDUAT_ASL_STORE_ERR_INTEGRITY: case AMDUAT_ASL_STORE_ERR_INTEGRITY:
return AMDUAT_PEL_SEED_EXIT_STORE; return AMDUAT_PEL_SEED_EXIT_STORE;
case AMDUAT_ASL_STORE_ERR_IO:
return AMDUAT_PEL_SEED_EXIT_IO;
case AMDUAT_ASL_STORE_OK: case AMDUAT_ASL_STORE_OK:
default: default:
return AMDUAT_PEL_SEED_EXIT_STORE; return AMDUAT_PEL_SEED_EXIT_STORE;